The US Department of Health and Human Services (HHS) drafted the original Health Insurance Portability and Accountability Act (HIPAA) in 1996. HIPAA designated patients’ medical data as “protected health information” (PHI) and developed security standards to safeguard it. Later, the Health Information Technology for Economic and Clinical Health Act (HITECH) added several security standards to broaden these protections for an increasingly digital landscape.
Category: Compliance Standards
Staying informed about all of the cyber security compliance standards is essential to keeping your company safe from hackers. Read on to learn about the various steps you can take to stay up to date with your industry’s compliance standards.

Basic Data Breach Response Planning Steps
It is not often that you find yourself amid a data crisis, but when you do, you’ll be thankful for all the prior effort you put into designing a response plan.
This article will examine the basic approach to data breach response planning and the steps involved.

New CCPA Website Requirements and Your Business: Time for an Update?
The regulatory landscape has shifted once again, and California regulators have pushed through new CCPA website requirements.
Following Proposition 24, organizations will now have to address the changes to the CCPA.
Join us in this article to explore what these new changes mean, how they affect your business, and how you can become CCPA website compliant.

Your Personal Data Inventory Template
Imagine yourself as a digital frontiersman traveling across cyberspace into all the different websites you visit, leaving behind an echo of your travels. Like an explorer of the 1700s, your personal data does the same thing, leaving its mark on all the internet islands. But we must beware of pirates!

Basic CCPA Website Requirements
California has made changes to its consumer privacy act. Some of the changes will affect how companies do business with state residents. The most notable changes apply to websites. There are new requirements and stiffer penalties for organizations that don’t meet CCPA standards.

What Is The California Privacy Rights Act?
Voters passed the California Privacy Rights Act (CPRA), or Proposition 24, on November 11th, 2020. While the new law doesn’t go into effect until January of 2023, organizations are already taking steps to ensure compliance.

CCPA vs. CPRA: What’s the Difference?
The California Privacy Rights Act (CPRA) was passed at the end of 2020. It bolsters the California Consumer Privacy Act that is already being enforced across the state. Any company or organization with consumers or clients in California must meet the privacy acts’ compliance standards. When looking at CCPA vs. CPRA, it’s not always easy for businesses to understand its meaning.

Guide To CIS Critical Security Control Mapping
CIS critical security controls mapping will help your business achieve best-practice cybersecurity through its detailed approach to tiered implementation, and in this article, we will show you how.

Mid-Market GDPR Compliance Checklist
Data protection authorities have been cracking down on GDPR breaches, and experts are not exempt from regulators’ gaze.

Making the Most of Your NIST 800-171 Compliance Tools
Companies seeking to work with US governmental agencies need to adhere to strict standards for cybersecurity. This is especially true for contractors looking to work with the US Department of Defense (DoD). To secure specific contracts, and maintain preferred status, you’ll need to comply with the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171. And to do so, there are several NIST 800-171 compliance tools at your disposal.
